Merge pull request #142 from sfozz/runner-in-container

Enable running the runner in a docker container
riemers · Nov 8, 2020 · 5bfe329 · 5bfe329
2 parents 73a6560 + 97460b3
commit 5bfe329
Show file tree

Hide file tree

Showing 11 changed files with 294 additions and 6 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -35,6 +35,9 @@ gitlab_runner_listen_address: ''
 gitlab_runner_windows_service_user: ''
 gitlab_runner_windows_service_password: ''
 
+# gitlab_runner_container_install
+gitlab_runner_container_install: false
+
 # A list of runners to register and configure
 gitlab_runner_runners:
     # The identifier of the runner.

diff --git a/handlers/main.yml b/handlers/main.yml
@@ -3,7 +3,7 @@
 - name: restart_gitlab_runner
   service: name=gitlab-runner state=restarted
   become: yes
-  when: ansible_os_family != 'Darwin' and ansible_os_family != 'Windows'
+  when: ansible_os_family != 'Darwin' and ansible_os_family != 'Windows' and not gitlab_runner_container_install
 
 # macOS
 - name: restart_gitlab_runner_macos
@@ -16,3 +16,10 @@
   args:
     chdir: "{{ gitlab_runner_config_file_location }}"
   when: ansible_os_family == 'Windows'
+
+# Container
+- name: restart_gitlab_runner_container
+  docker_container: 
+    name: "{{ gitlab_runner_container_name }}"
+    restart: yes
+  when: gitlab_runner_container_install
diff --git a/tasks/Container.yml b/tasks/Container.yml
@@ -0,0 +1,73 @@
+---
+- name: (Container) Install Gitlab Runner
+  import_tasks: install-container.yml
+  when: gitlab_runner_container_install
+
+- name: (Container) List configured runners
+  docker_container:
+    name: "{{ gitlab_runner_container_name }}"
+    image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}"
+    command: list
+    mounts:
+      - type: bind
+        source: "/srv/{{ gitlab_runner_container_name }}"
+        target: /etc/gitlab-runner
+    cleanup: yes
+    interactive: yes
+    tty: yes
+    detach: no
+  register: configured_runners
+  changed_when: False
+  check_mode: no
+
+- name: (Container) Check runner is registered
+  docker_container:
+    name: "{{ gitlab_runner_container_name }}"
+    image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}"
+    command: verify
+    mounts:
+      - type: bind
+        source: "/srv/{{ gitlab_runner_container_name }}"
+        target: /etc/gitlab-runner
+    cleanup: yes
+    interactive: yes
+    tty: yes
+    detach: no
+  register: verified_runners
+  ignore_errors: True
+  changed_when: False
+  check_mode: no
+
+- name: configured_runners?
+  debug:
+    msg: "{{configured_runners.container.Output}}"
+
+- name: verified_runners?
+  debug:
+    msg: "{{verified_runners.container.Output}}"
+
+- name: (Container) Register GitLab Runner
+  include_tasks: register-runner-container.yml
+  when: gitlab_runner.token is defined or gitlab_runner_registration_token | string | length > 0  # Ensure value is set
+  loop: "{{ gitlab_runner_runners }}"
+  loop_control:
+    index_var: gitlab_runner_index
+    loop_var: gitlab_runner
+
+- name: (Container) Set global options
+  import_tasks: global-setup.yml
+
+- name: (Container) Configure GitLab Runner
+  import_tasks: config-runners-container.yml
+
+- name: (Container) Start the container
+  docker_container:
+    name: "{{ gitlab_runner_container_name }}"
+    image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}"
+    mounts:
+    - type: bind
+      source: "/srv/{{ gitlab_runner_container_name }}"
+      target: /etc/gitlab-runner
+    - type: bind
+      source: /var/run/docker.sock
+      target: /var/run/docker.sock
diff --git a/tasks/config-runner-container.yml b/tasks/config-runner-container.yml
@@ -0,0 +1,37 @@
+---
+- name: Create temporary file
+  tempfile:
+    state: file
+    path: "{{ temp_runner_config_dir.path }}"
+    prefix: "gitlab-runner.{{ runner_config_index }}."
+  register: temp_runner_config
+  check_mode: no
+  changed_when: false
+
+- name: Isolate runner configuration
+  copy:
+    dest: "{{ temp_runner_config.path }}"
+    content: "{{ runner_config }}"
+  check_mode: no
+  changed_when: false
+
+- include_tasks: update-config-runner.yml
+  when:
+    - ('name = "'+gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)+'"') in runner_config
+    - gitlab_runner.state|default('present') == 'present'
+  loop: "{{ gitlab_runner_runners }}"
+  loop_control:
+    index_var: gitlab_runner_index
+    loop_var: gitlab_runner
+
+- name: Remove runner config
+  file:
+    path: "{{ temp_runner_config.path }}"
+    state: absent
+  when:
+    - ('name = "'+gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)+'"') in runner_config
+    - gitlab_runner.state|default('present') == 'absent'
+  loop: "{{ gitlab_runner_runners }}"
+  loop_control:
+    index_var: gitlab_runner_index
+    loop_var: gitlab_runner
diff --git a/tasks/config-runners-container.yml b/tasks/config-runners-container.yml
@@ -0,0 +1,36 @@
+---
+- name: Get existing config.toml
+  slurp:
+    src: "{{ gitlab_runner_config_file }}"
+  register: runner_config_file
+
+- name: Get pre-existing runner configs
+  set_fact:
+    runner_configs: "{{ (runner_config_file['content'] | b64decode).split('[[runners]]\n') }}"
+
+- name: Create temporary directory
+  tempfile:
+    state: directory
+    suffix: gitlab-runner-config
+  register: temp_runner_config_dir
+  check_mode: no
+  changed_when: false
+
+- name: Write config section for each runner
+  include_tasks: config-runner-container.yml
+  loop: "{{ runner_configs }}"
+  loop_control:
+    index_var: runner_config_index
+    loop_var: runner_config
+
+- name: Assemble new config.toml
+  assemble:
+    src: "{{ temp_runner_config_dir.path }}"
+    dest: "{{ gitlab_runner_config_file }}"
+    delimiter: '[[runners]]\n'
+    backup: yes
+    validate: |
+      docker run -i --rm -v %s:/gitlab-runner.conf
+      {{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }} 
+      verify -c /gitlab-runner.conf
+    mode: 0600
diff --git a/tasks/install-container.yml b/tasks/install-container.yml
@@ -0,0 +1,10 @@
+---
+- name: (Container) Pull Image from Registry
+  docker_image:
+    name: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}"
+    source: pull
+
+- name: (Container) Define Container volume Path
+  file:
+    state: directory
+    path: "/srv/{{ gitlab_runner_container_name }}"
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -10,10 +10,14 @@
       paths:
         - 'vars'
 
+- name: Install Gitlab Runner (Container)
+  import_tasks: Container.yml
+  when: gitlab_runner_container_install
+
 - name: Install GitLab Runner (Unix)
   import_tasks: Unix.yml
-  when: ansible_os_family != 'Windows'
+  when: ansible_os_family != 'Windows' and not gitlab_runner_container_install
 
 - name: Install GitLab Runner (Windows)
   import_tasks: Windows.yml
-  when: ansible_os_family == 'Windows'
+  when: ansible_os_family == 'Windows' and not gitlab_runner_container_install
diff --git a/tasks/register-runner-container.yml b/tasks/register-runner-container.yml
@@ -0,0 +1,114 @@
+---
+- name: Clear Config File
+  block:
+    - name: remove config.toml file
+      file:
+        path: "{{ gitlab_runner_config_file }}"
+        state: absent
+
+    - name: Ensure config.toml exists
+      file:
+        path: "{{ gitlab_runner_config_file }}"
+        state: touch
+        modification_time: preserve
+        access_time: preserve
+  when: (verified_runners.container.Output.find("Verifying runner... is removed") != -1)
+
+- name: Register runner to GitLab
+  docker_container:
+    name: "{{ gitlab_runner_container_name }}"
+    image: "{{ gitlab_runner_container_image }}:{{ gitlab_runner_container_tag }}"
+    command: |
+      register
+      --non-interactive
+      --url '{{ gitlab_runner_coordinator_url }}'
+      --registration-token '{{ gitlab_runner.token|default(gitlab_runner_registration_token) }}'
+      --description '{{ gitlab_runner.name|default(ansible_hostname+"-"+gitlab_runner_index|string) }}'
+      --tag-list '{{ gitlab_runner.tags|default([]) | join(",") }}'
+      {% if gitlab_runner.clone_url|default(false) %}
+      --clone-url "{{ gitlab_runner.clone_url }}"
+      {% endif %}
+      {% if gitlab_runner.run_untagged|default(true) %}
+      --run-untagged
+      {% endif %}
+      --executor '{{ gitlab_runner.executor|default("shell") }}'
+      --limit '{{ gitlab_runner.concurrent_specific|default(0) }}'
+      --output-limit '{{ gitlab_runner.output_limit|default(4096) }}'
+      --locked='{{ gitlab_runner.locked|default(false) }}'
+      {% for env_var in gitlab_runner.env_vars|default([]) %}
+      --env '{{ env_var }}'
+      {% endfor %}
+      {% if gitlab_runner.pre_clone_script|default(false) %}
+      --pre-clone-script "{{ gitlab_runner.pre_clone_script }}"
+      {% endif %}
+      {% if gitlab_runner.pre_build_script|default(false) %}
+      --pre-build-script "{{ gitlab_runner.pre_build_script }}"
+      {% endif %}
+      {% if gitlab_runner.post_build_script|default(false) %}
+      --post-build-script "{{ gitlab_runner.post_build_script }}"
+      {% endif %}
+      --docker-image '{{ gitlab_runner.docker_image|default("alpine") }}'
+      {% if gitlab_runner.docker_privileged|default(false) %}
+      --docker-privileged
+      {% endif %}
+      {% if gitlab_runner.docker_tlsverify|default(false) %}
+      --docker-tlsverify '{{ gitlab_runner.docker_tlsverify|default("true") }}'
+      {% endif %}
+      {% if gitlab_runner.docker_dns|default(false) %}
+      --docker-dns '{{ gitlab_runner.docker_dns|default("1.1.1.1") }}'
+      {% endif %}
+      {% for volume in gitlab_runner.docker_volumes | default([]) %}
+      --docker-volumes "{{ volume }}"
+      {% endfor %}
+      --ssh-user '{{ gitlab_runner.ssh_user|default("") }}'
+      --ssh-host '{{ gitlab_runner.ssh_host|default("") }}'
+      --ssh-port '{{ gitlab_runner.ssh_port|default("") }}'
+      --ssh-password '{{ gitlab_runner.ssh_password|default("") }}'
+      --ssh-identity-file '{{ gitlab_runner.ssh_identity_file|default("") }}'
+      {% if gitlab_runner.cache_type is defined %}
+      --cache-type '{{ gitlab_runner.cache_type }}'
+      {% endif %}
+      {% if gitlab_runner.cache_shared|default(false) %}
+      --cache-shared
+      {% endif %}
+      {% if gitlab_runner.cache_path is defined %}
+      --cache-path '{{ gitlab_runner.cache_path }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_server_address is defined %}
+      --cache-s3-server-address '{{ gitlab_runner.cache_s3_server_address }}'
+      {% if gitlab_runner.cache_s3_access_key is defined %}
+      --cache-s3-access-key '{{ gitlab_runner.cache_s3_access_key }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_secret_key is defined %}
+      --cache-s3-secret-key '{{ gitlab_runner.cache_s3_secret_key }}'
+      {% endif %}
+      {% endif %}
+      {% if gitlab_runner.cache_s3_bucket_name is defined %}
+      --cache-s3-bucket-name '{{ gitlab_runner.cache_s3_bucket_name }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_bucket_location is defined %}
+      --cache-s3-bucket-location '{{ gitlab_runner.cache_s3_bucket_location }}'
+      {% endif %}
+      {% if gitlab_runner.builds_dir|default(false) %}
+      --builds-dir '{{ gitlab_runner.builds_dir }}'
+      {% endif %}
+      {% if gitlab_runner.cache_dir|default(false) %}
+      --cache-dir '{{ gitlab_runner.cache_dir }}'
+      {% endif %}
+      {% if gitlab_runner.cache_s3_insecure|default(false) %}
+      --cache-s3-insecure
+      {% endif %}
+      {% if gitlab_runner.extra_registration_option is defined %}
+      {{ gitlab_runner.extra_registration_option }}
+      {% endif %}
+    mounts:
+    - type: bind
+      source: "/srv/{{ gitlab_runner_container_name }}"
+      target: /etc/gitlab-runner
+    cleanup: yes
+    auto_remove: yes
+  when: (verified_runners.container.Output.find("Verifying runner... is removed") != -1) or
+        ((configured_runners.container.Output.find('\n' + gitlab_runner.name|default(ansible_hostname+'-'+gitlab_runner_index|string)) == -1) and
+        (gitlab_runner.state|default('present') == 'present'))
+  no_log: false
+
diff --git a/tasks/update-config-runner.yml b/tasks/update-config-runner.yml
@@ -474,7 +474,7 @@
   lineinfile:
     dest: "{{ temp_runner_config.path }}"
     regexp: '^\s*port ='
-    line: '  port = {{ gitlab_runner.ssh_port|default("") | to_json }}'
+    line: '  port = "{{ gitlab_runner.ssh_port|default("") | to_json }}"'
     state: "{{ 'present' if gitlab_runner.ssh_port is defined else 'absent' }}"
     insertafter: '^\s*\[runners\.ssh\]'
     backrefs: no

diff --git a/tests/test.yml b/tests/test.yml
@@ -21,7 +21,7 @@
         path: "~/mock_ci.pid"
         state: absent
       when: run_mock_server
-    - name: Run the mock CI
+    - name: Start the mock CI
       shell: "python ~/mock_gitlab_runner_ci.py ~/mock_ci.pid 6060  >~/mock_ci.log 2>&1"
       async: 3600
       poll: 0
@@ -46,6 +46,6 @@
         src: "~/mock_ci.pid"
       register: pidfile_b64
       when: run_mock_server
-    - name: Run the mock CI
+    - name: kill the mock CI
       command: "kill {{ pidfile_b64.content | b64decode }}"
       when: run_mock_server
diff --git a/vars/default.yml b/vars/default.yml
@@ -1 +1,5 @@
 ---
+gitlab_runner_container_install: false
+gitlab_runner_container_image: gitlab/gitlab-runner
+gitlab_runner_container_tag: latest
+gitlab_runner_container_name: gitlab-runner